How to List Open Ports in Ubuntu Linux

Sometimes you need to view all the open ports on your Linux system to make sure that no unknown process is exposing it. You may also need the list of open ports when you want to run a process on a port that is currently closed and open it. There are multiple ways to list open ports in Linux. In this article, we will look at how to do it using the netstat, ss, lsof and nmap commands.


How to List Open Ports in Ubuntu Linux

Here are the different ways to list open ports in Ubuntu Linux. You can also use these commands on other Linux distributions since these commands are available in almost every Linux system.


List Open Ports using netstat

Open a terminal and run the following command to list open ports using the netstat command.

$ sudo netstat -tulpn | grep LISTEN

In the above command,

  • -t : List All TCP ports
  • -u : List All UDP ports
  • -l : List open server sockets
  • -p : Display PID & name of the program along with their open sockets
  • -n : Don’t resolve names
  • | grep LISTEN : Display open ports by applying grep command filter.

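With these options, netstat displays the listening sockets along with the processes that own them. We pipe its output to the grep command and search for the string LISTEN, which marks listening ports, that is, open ports. Note that UDP sockets have no LISTEN state, so this filter also drops them; leave out the grep to see open UDP ports as well.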

You will see output like the following, which lists apache and ssh processes running on ports 80 and 22 respectively.

Proto Recv-Q Send-Q Local Address           Foreign Address         State       User       Inode      PID/Program name 
tcp   0      0      127.0.0.1:80           0.0.0.0:*               LISTEN      0          43385      1821/apache2  
tcp   0      0      0.0.0.0:22              0.0.0.0:*               LISTEN      0          44064      1823/sshd 
...        


Display Open Ports using ss

You can also use the ss command to view socket statistics. The options have the same meaning as in the netstat command above.

$ sudo ss -tulpn

You will see output similar to the one shown below.

Netid  State   Recv-Q  Send-Q  Local Address:Port  Peer Address:Port
udp    UNCONN  0       0       224.0.0.251:5353    0.0.0.0:*          users:(("chromium",pid=13873,fd=419))
tcp    LISTEN  0       5       127.0.0.1:44321     0.0.0.0:*          users:(("mcd",pid=4884,fd=0))
...


Show open ports using lsof

You can also use the lsof command to display open ports.

$ sudo lsof -i -P -n | grep LISTEN

Here the different options mean the following:

  • -i : list Internet (network) files, that is, open network sockets
  • -P : prevent conversion of port numbers to port names for network files, which makes the command run faster
  • -n : don’t resolve IP addresses to host names via DNS
  • | grep LISTEN : only show ports in LISTEN state, that is, open ports


List open ports using nmap

You can also use the nmap command to list open ports as shown below.

$ sudo nmap -sTU -O localhost

In the above command, the different options mean

  • -sT – scan TCP/IP ports (TCP connect scan)
  • -sU – scan UDP ports
  • -O – enable operating system detection

Please note that even if a port is open, it may still not be accessible from outside because a firewall is blocking access to it. So it is also important to view the firewall rules to ensure that your port is completely open.

Here is the command to list firewall rules/open firewall ports.

$ sudo iptables -S

Keeping track of open ports is one of the most important tasks of system administrators. In fact, you may need to run the above commands regularly to keep an eye on the open ports on your system. So you may want to add a cron job with any of the above commands and save its output to a file. This way you simply have to open the file to view the ports that were open on your system on that day. For example, run the following command to open crontab.

$ sudo crontab -e

Add the following line to your crontab file to run the netstat command every day at 10AM and list all the open ports on your system at that time. The output of this command is saved to /home/open_ports.txt automatically. You can modify it as per your requirement.

0 10 * * * sudo netstat -tulpn | grep LISTEN > /home/open_ports.txt

All you need to do is open this file every day to check if any unexpected ports are open on your system.

$ sudo cat /home/open_ports.txt
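
Reading the file by eye every day is easy to skip, so the check can be made to report only what is unexpected. The script below is an added example, not part of the original article: it compares `ss -tulpn` output against an allowlist and also covers UDP sockets, which the `grep LISTEN` filter leaves out. The `ALLOWED` values, the `unexpected_listeners` function name and the sample output are constructed for illustration.

```shell
# Expected listeners as proto/port (assumed values; set these for your host).
ALLOWED="tcp/22 tcp/80"

# Constructed sample in `ss -tulpn` format, so the script runs offline.
SAMPLE='Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port Process
udp   UNCONN 0      0      0.0.0.0:5353       0.0.0.0:*         users:(("avahi-daemon",pid=701,fd=12))
tcp   LISTEN 0      128    0.0.0.0:22         0.0.0.0:*         users:(("sshd",pid=1823,fd=3))
tcp   LISTEN 0      511    127.0.0.1:80       0.0.0.0:*         users:(("apache2",pid=1821,fd=4))
tcp   LISTEN 0      5      127.0.0.1:44321    0.0.0.0:*         users:(("mcd",pid=4884,fd=0))
tcp   LISTEN 0      128    [::]:8080          [::]:*            users:(("python3",pid=2210,fd=5))'

# Read `ss -tulpn` output on stdin and print one line per listener that is
# not in $ALLOWED: proto/port, scope, local address, owning process.
unexpected_listeners() {
  awk -v allowed="$ALLOWED" '
    BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    # TCP listeners show LISTEN; bound UDP sockets show UNCONN (no LISTEN state).
    $2 == "LISTEN" || $2 == "UNCONN" {
      port = $5; sub(/.*:/, "", port)      # text after the last colon, IPv6-safe
      key = $1 "/" port
      if (key in ok) next
      # Loopback-only sockets are not reachable from other hosts.
      scope = ($5 ~ /^(127\.|\[::1\])/) ? "loopback" : "exposed"
      print key, scope, $5, (NF >= 7 ? $7 : "-")
    }'
}

# Demo on the constructed sample. For live use: sudo ss -tulpn | unexpected_listeners
printf '%s\n' "$SAMPLE" | unexpected_listeners
```

Empty output means every listener is on the allowlist, so a cron job built on this only needs attention when the output file is not empty.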